Forum Replies Created
-
AuthorPosts
-
Hello Stan,
This is very natural – we can’t go back in time and change old applications, so while AxCrypt 2 can open all files including AxCrypt 1-files, AxCrypt 1 can’t open AxCrypt 2 files. (We could of course do an update to AxCrypt 1 for this, but it’s a *lot* of work, and we’re not actively supporting AxCrypt 1 any more).
The solution, if you really wish to downgrade AxCrypt, is to decrypt the file with AxCrypt 2 and then re-encrypt with AxCrypt 1. The easiest way to do this is to use the portable / standalone version of AxCrypt 2 which does not require installation and can thus co-exist with version 1. You’ll find it on the download page.
Hi Geoff,
Here’s the thing – if you have an old account that you’ve forgotten the password for, you can safely reset it. You should then use that password when you sign in to AxCrypt to work with your files. In the future after the upgrade, you’ll just be using that password. If your existing password for your files is strong enough, do use that. It’ll make the use much easier.
Go here to reset your password (this link is in the program as well): https://account.axcrypt.net/Home/PasswordReset .
Hi Disappointed,
Thanks for taking the time to discuss these issues.
We do take peoples comments and views very seriously, but we can’t make everyone happy, and especially not ‘now’ – we’re still short of resources. As mentioned, we’ve already done a lot of modifications based on user feedback.
As for the self-executable issue, as a result of this and other similar discussions we’re not considering a twist on that which goes like this:
Select any number of encrypted files, and then do “zip and include AxCrypt” (final name not decided;-).
What happens is we take the encrypted files, add the standalone AxCrypt, and zip them to a single archive that can then be stored or emailed or whatever.
Some mail servers will still block it, because there’s an executable inside the zip, but it’s just as convenient for the sender and the receiver and has the added bonus of handling multiple files.
It’s not implemented yet, and we may need to hash it out a bit more, but it’s one way forward to offer equivalent functionality within the current framework.
As for PGP being around 25+ years, that is true, but AxCrypt has been around for 15+ years as open source- that’s not too bad either! Also, that’s PGP. GnuPG is ‘only’ about 19 years old.
Hi GTI and Bob,
Thanks for the feedback – keep it coming. We like the feedback, even when we disagree or when it’s simply incorrect! When we disagree, we get the chance to rethink how we do things, and when it’s incorrect we get a chance to improve how we’re communicating to misunderstandings happens less frequently.
Most things have already been discussed, so I won’t reiterate those points (free vs. premium, open source, revenue, does not require password every time, one password, recent files view) etc except to encourage all readers to check out the blog at http://www.axcrypt.net/blog/ .
It’s never too late to change, and as mentioned earlier, we’re considering how we can please as many of our existing and new users as possible while still maintaining our overall goals of promoting good security practices and providing enough value in the Premium edition to actually fund the continued development.
Hello Disappointed,
Thank you for your feedback! Sorry you’re disappointed of course. I’ll try to shed some light.
It seems you treat “self-decryptable files” as the alternative to “people with whom I share files to download AxCrypt“. There are just so many things wrong with the self-decryptable executable though. See http://www.axcrypt.net/blog/avoid-self-decrypting-files/ .
Instead of a limited problematic self-decrypting exe, we now have a fully featured standalone portable software (that you can send along to your recipients if they in fact can and want to accept executable files).
I do agree that full disk encryption is often a good complement for local file security. AxCrypt is at it’s best when sharing files outside of your computer. That’s why we introduced the simple file sharing feature. Sure, PGP does it too – but for IT experts. Normal people will struggle.
We may indeed later introduce some variant of AxCrypt 2 with a fixed license.
AxCrypt 2 is free (with premium features) open source, actively developed, peer reviewed with full specifications and code available here and here. PGP(i)s current status as free, open source etc is very unclear, at least to me. The lastest from Phil Zimmerman is “New developments: As of June 2010, PGP Corp was acquired by Symantec”. Well… The Wikipedia section sheds no further light: https://en.wikipedia.org/wiki/Pretty_Good_Privacy .
7-Zip *is* a pretty good alternative for simple password based encryption, but it’s slightly less convenient to use and much less so when sharing. But it’s open source, well respected and very stable. I like it!
AxCrypt compresses all data before encryption, by default, just like 7-Zip.
Hi Sanjay!
There’s always a point in making your voice heard. We’ve changed quite a bit of things based on user feedback.
Yes, I could be more clear I guess on why it actually tends to decrease security. I do mention one aspect: Convenience. Iconvenient security solutions are either not used, or worked around. This is well established in many contexts. It’s about practical psychology, not theoretical security. Another aspect is another facet of inconvenience. Invariably, many passwords will be weaker than one strong. It’s just how we’re wired. It’s also the main theory behind single sign on in general, which is fairly well accepted. Yet another aspect is the fact that often the argument is that for less important files, the user is happy with a less secure password. Less secure. This is just faulty logic, since it costs nothing extra to use good security for all files with AxCrypt 2, and by definition it thus reduces security.
I’m afraid I’m totally at odds with your statement “the frequent entering of that password increases the odds that it will be compromised” for a number of reasons. You don’t have to enter it frequently! That’s part of the design! You only enter it *once* per session. To make it convenient. We really believe convenient security solutions increase practical security as opposed to inconvenient theoretically stronger solutions. As for odds increasing, I don’t really see it. Why would the odds of a password leak increase because it’s the same one being entered once, instead of a multitude of passwords being entered all the time?
I’ve updated the blog with a paragraph on why the use of many passwords tends to decrease security. Of course, you may be that one in a thousand who can actually remember a number of 10+ character strong passwords and for what files they are used for. In that case, many passwords won’t be harmful. But it won’t be helpful either.
We’re aiming to provide good, strong, practical easy to use security for the main stream users who do not know anything about cryptography, and don’t want to know anything either. They just want to know that as long as no-one knows their passwords, their files are safe from scrutiny.
We think we do with AxCrypt 2.
All this being said, despite that you may feel we’re not listening, we are. We are constantly evaluating options on how to satisfy as many users as possible while not compromising the overall goals and security of AxCrypt 2. What we’re struggling with is how to provide the option to use different passwords, while not at the same time making it more complex with more options for the majority of users who really like the simplicity of the standard model and while also not encouraging bad security practices.
It’s also a priority thing. Right now we feel mobile apps are more important to get out there, and we’re just starting internal beta testing this week for both iOS and Android!
Hello Curt,
Thank you for your feedback, harsh as it is. Also, it’s a bit incorrect in the part about hardened environments.
As always it’s a tradeoff between various goals. In theory, as you say, if you could have unique, 256-bit, strong passwords for each and every file and keep them in your head and nowhere else, yes, that’s better!
But we’re all humans, and AxCrypt is not about theoretical but practical useful security. In this context we’re really convinced that one strong password for all your AxCrypt-encrypted files is way better than many not-so-strong passwords, or avoiding to encrypt some files because it’s so inconvenient to open them. Also, the flip side of encryption-based security is about not losing your data because you forgot one of your passwords to your files. This is not a theoretical scenario. It happens all the time with AxCrypt 1, not so much with AxCrypt 2.
So, you say, but I’ll keep all my AxCrypt file passwords in an encrypted file with a really strong password, or a password manager. Well, I say, that’s just my point… That’s our argument, but one step removed. Don’t get me wrong, I like password managers, they are great! Which is precisely why one good password for AxCrypt-encrypted files makes sense to us.
I think it’s important to correct statements that are incorrect, in this case that we require you to sign in with a registered email address that won’t work in a “hardened” environment. AxCrypt 2 will use an Internet connection if available, but you can install and use AxCrypt without any Internet connection at all. You can also turn it off at any time, by using the option File | Options | Always Offline .
Sorry to see you go as a user, but I think you’re actually missing out on a really useful and good upgrade to something better!
Finally, you’re of course welcome to recommend or advise against any and all software, but do remember that I’m the same person who wrote AxCrypt 1 as well as AxCrypt 2 – and I’ve not become less of knowledgeable about file encryption in the past 15 years. I recommend AxCrypt 2 over AxCrypt 1, because the risk of data loss is lower, and the security provided is equal to or higher than AxCrypt 1.
Hi Lisa,
Are you really sure? I understand that it can be hard to get rid of.
Anyway, if you’re sure, we’ll need a complete error report from you, like this: http://www.axcrypt.net/blog/send-complete-error-report/
Just don’t be surprised if I come back and say the same thing again ;-) It’s happened before.
Hello Lisa,
Please check out our FAQ at http://www.axcrypt.net/support/faq/#lavasoft-crash .
It’s usually caused by a misbehaving software from a third party, Lavasoft Web Companion.
Hello Jessica,
Unfortunately, right now we don’t have a Mac version :-(
I’m afraid you’ll have to find a Windows computer to open the file. Sorry, but we’re working on this.
Hello Dave,
It sounds like a perfect scenario for AxCrypt 2 key sharing, if I understand it correctly.
Here’s what I think:
You’re “Dave”. You share encrypted documents with “Alice”, “Bob” and “Charlie”.
You have (at least) 4 passwords to keep track of with AxCrypt 1, and “Alice”, “Bob” and “Charlie” has one, or possibly at least 2 if they also use AxCrypt for private data that for example you “Dave” should not have access to.
That’s pretty complicated.
With AxCrypt 2, you instead share the keys to the file with for example “alice@home.com”, “bob@gmail.com” and “charlie@me.com”. You’re “dave@you.com”.
You use one password to sign in to your “dave@you.com” AxCrypt ID. When you open any file, regardelss of if they are shared with Alice, Bob or Charlie, it opens wihtout further ado using your sign in password.
When you send or share the actual shared file with Alice, Bob or Charlie, they sign in to their AxCrypt ID with their own passwords, which you do not know.
Now, everyone can access exactly what they should – you can access all files in this group, while Alice, Bob and Charlie can only access their own files and the ones you have shared the keys with.
Therefor, 1 password is enough. Per person.
Hello Pablo,
Glad it all sorted out for you.
Hello Daniel,
Not 100% sure what you are trying to do – but you should probably stay away from the import/export key functionality. It’s not intended for general use, it’s only for some very special scenarios.
Can you please explain what you are trying to achieve, i.e. what is the situation you’re testing out?
If it’s about sharing encrypted files within the team, you should look at the key sharing functionality. There’s a introductory video about that as well via http://www.axcrypt.net/ .
Hello,
The most common cause is documented in the FAQ, here: http://www.axcrypt.net/support/faq/#lavasoft-crash .
October 17, 2016 at 09:15 in reply to: Can I decrypt my files with forgotten password if I have Premium? #4450Hello Amine,
Having, or not having, Premium makes no difference in the ability to decrypt. If you know the password you will always be able to decrypt, regardless of if the file was encrypted with or without Premium level encryption.
If you do not know the password, you will not be able to decrypt, regardless of if you’re a Premium subscriber or not.
Please see the FAQ for more info about forgotten passwords, http://www.axcrypt.net/support/faq/#forgot-password .
-
AuthorPosts